package cn.bonoon.handler.impl;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;

/**
 * <pre>
 * 登录失败时进入；
 * 如用户不存在、密码错误、该用户被禁止等登录失败的操作都交给这个类来处理
 * </pre>
 * @author jackson
 *
 */
public class AuthenticationFailureHandlerImpl extends SimpleUrlAuthenticationFailureHandler {
	
	private final static String DEFAULT_LOGIN_FAILURE_URL = "/s/login/error";

//	@Autowired
//	private LoginRecordService loginRecordSevice;

	public AuthenticationFailureHandlerImpl() {
		super(DEFAULT_LOGIN_FAILURE_URL);
	}

	@Override
	public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
//		@SuppressWarnings("deprecation")
//		Authentication authentication = exception.getAuthentication();
//		if(null != authentication && authentication.getPrincipal() instanceof LogonUser){
//			try {
//				LogonUser bu = (LogonUser) authentication.getPrincipal();
//				loginRecordSevice.login(bu, exception.getMessage(), RequestHelper.getIpAddress(request), false);
//			} catch (Throwable err) {
//				// 忽略所有异常情况
//				err.printStackTrace();
//				logger.error("登录失败记录异常", err);
//			}
//		}
		super.onAuthenticationFailure(request, response, exception);
	}
}
